
Oh, so it is worse than I thought: some AI bots are even making PRs to original code and, if the maintainer is not paying attention, it ends up in something worse. LOL

idk I have the feeling that we are living in a slop world...

some AI bots are even making PRs to original code

Yeah. This happens all the time now. MSGH wanted this (the last GitHub CEO was literally appointed to do this "transition".) And FOSS maintainers are dealing with the problem of getting incredibly bad pull requests.

idk I have the feeling that we are living in a slop world...

I recently had a conversation with a friend that maintains a small open source C library for his job (and does not nearly maintain code quality standards I'd personally be comfortable with) and he asked me my opinion on a PR that he felt was off. I pointed him to a Claude Code pattern and he was amazed that he'd been bullshitted by the author for weeks. I also pointed him to the wording in some of the public conversation being highly suspect of AI generated conversation. His world... sucks right now. Especially because he and the author of the slop PR work for the same company, lol.

The current LLM architecture could be used when you're willing to read and understand every line and correct every error. I fully align with Linus on "yes it's interesting, no it's not for production".


Sometimes I ask myself: should I use this app if I know that most of it was coded by a LLM?


Not if it has critical functions.

I wouldn't use an LLM-coded OS/firmware, browser, PGP implementation, Bitcoin wallet, secure messenger, credential vault... basically anything that implements cryptography or performs generic functionality. This will get harder though: using Android and/or Chrome, we will probably be exposed to LLM-coded parts, as Google says 70% is now AI (which is extremely worrying depending on how they measure it, as review and testing take more time than coding).

I have put whitenoise on my insecure phone for testing with ek the other day, despite looking at the code and knowing that it is vibecoded. But there isn't anything on that phone that matters if it's leaked, or that cannot be wiped.

However, I desperately need help with reviewing code for my secure devices, so I am thinking about further automating code review on FOSS apps. Maybe I'd employ an LLM in that to flag up things on big diffs. I'm not super happy about this, but as code gets more voluminous, I can't keep up with all the release cycles.

100 sats \ 1 reply \ @unboiled 7 Jan
Maybe I'd employ an LLM in that to flag up things on big diffs.

One good practice I had for big diffs, also prior to sloppage, was insisting on smaller, stacked PRs. Of course tests must pass for each one.


Yes. On my own repos, absolutely.

In this case it's me reviewing the code for the products I want to use. Think Signal or in the LN sphere, Blixt/Zeus. So I generally deal with tag..tag post-release, pre-install. I don't mind big diffs, what I really mind is 60 dependencies that you have to go through, like how Proton is structured, and then refactors happening on these.

FWIW, I sometimes run into the same issue with Bitcoin Core's refactoring policy.


IMHO the best "AI" use case is for memes (especially cat memes).
